Created a simple middleware to fix a bug in Django's built-in remote user middleware that properly sets the header name to have the HTTP\_ prefix and added a backend that authenticates or creates a user given nothing but the header. I also had to modify the settings.py to load the new middleware class.

Testing Done

I did some testing on a one node virtual cluster running CDH4.1. I applied the patch, set the backend to desktop.auth.backend.RemoteUserDjangoBackend and then used a Firefox add on to set the REMOTE\_USER header as if the request came through a proxy. I then changed the backend back to the default one and verified that setting the header had no effect.